Experimental Analysis of Subscribers' Privacy Exposure by LTE Paging

07/30/2018
by   Christian Sørseth, et al.
0

Over the last years, considerable attention has been given to the privacy of individuals in wireless environments. Although significantly improved over the previous generations of mobile networks, LTE still exposes vulnerabilities that attackers can exploit. This might be the case of paging messages, wake-up notifications that target specific subscribers, and that are broadcasted in clear over the radio interface. If they are not properly implemented, paging messages can expose the identity of subscribers and furthermore provide information about their location. It is therefore important that mobile network operators comply with the recommendations and implement the appropriate mechanisms to mitigate attacks. In this paper, we verify by experiment that paging messages can be captured and decoded by using minimal technical skills and publicly available tools. Moreover, we present a general experimental method to test privacy exposure by LTE paging messages, and we conduct a case study on three different LTE mobile operators.

READ FULL TEXT
research
08/02/2018

The Privacy Exposure Problem in Mobile Location-based Services

Mobile location-based services (LBSs) empowered by mobile crowdsourcing ...
research
09/18/2020

Pretty Good Phone Privacy

A fundamental property of today's cellular architecture—in order to rece...
research
12/20/2019

Pentest on an Internet Mobile App: A Case Study using Tramonto

Mobile applications are used to handle different types of data. Commonly...
research
12/15/2018

A Survey of Privacy Infrastructures and Their Vulnerabilities

Over the last two decades, the scale and complexity of Anonymous network...
research
12/31/2021

Privacy-Protecting COVID-19 Exposure Notification Based on Cluster Events

We provide a rough sketch of a simple system design for exposure notific...
research
08/06/2023

A Security and Usability Analysis of Local Attacks Against FIDO2

The FIDO2 protocol aims to strengthen or replace password authentication...
research
02/04/2022

With a Little Help from My Friends: Transport Deniability for Instant Messaging

Traffic analysis for instant messaging (IM) applications continues to po...

Please sign up or login with your details

Forgot password? Click here to reset